Lucene search

[email protected]NVD:CVE-2013-4608

HistoryJun 17, 2013 - 11:38 a.m.

CVE-2013-4608

2013-06-1711:38:53

CWE-79

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.1%

JSON

Cross-site scripting (XSS) vulnerability in REDCap before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors involving the Graphical Data View & Descriptive Stats page.

Affected configurations

NVD

Node

project-redcapredcapMatch4.13.18

project-redcapredcapMatch4.14.5

project-redcapredcapMatch4.14.6

project-redcapredcapMatch4.15.0

project-redcapredcapMatch4.15.1

project-redcapredcapMatch4.15.2

project-redcapredcapMatch4.15.3

project-redcapredcapMatch4.15.4

project-redcapredcapMatch5.0.0

project-redcapredcapMatch5.0.1

project-redcapredcapMatch5.0.2

project-redcapredcapMatch5.0.3

project-redcapredcapMatch5.0.4

vanderbiltredcapRange≤5.0.5

vanderbiltredcapMatch4.14.0

vanderbiltredcapMatch4.14.1

vanderbiltredcapMatch4.14.2

vanderbiltredcapMatch4.14.3

vanderbiltredcapMatch4.14.4

References

ctsi.psu.edu/wp-content/uploads/2013/03/REDCap-Release-Notes-Version5.pdf

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.1%

JSON

Related for NVD:CVE-2013-4608

cve1 prion1 cvelist1